WEBINAR | From Deal to Defense: Unifying Cybersecurity Post-M&A
Reduce Alert Noise and False Positives
Boost your team's productivity by cutting down alert noise and false positives.
Automate Security Operations
Boost efficiency, reduce burnout, and better manage risk through automation.
Dark Web Monitoring
Online protection tuned to the need of your business.
Maximize Existing Security Investments
Improve efficiencies from existing investments in security tools.
Move your security operations beyond the limitations of MDR.
Secure with Microsoft 365 E5
Boost the power of Microsoft 365 E5 security.
Secure Multi-Cloud Environments
Improve cloud security and overcome complexity across multi-cloud environments.
Secure Mergers and Acquisitions
Control cyber risk for business acquisitions and dispersed business units.
Solve security operations challenges affecting critical operational technology (OT) infrastructure.
Force-Multiply Your Security Operations
Whether you’re just starting your security journey, need to up your game, or you’re not happy with an existing service, we can help you to achieve your security goals.
Detection Investigation Response
Modernize Detection, Investigation, Response with a Security Operations Platform.
Locate and eliminate lurking threats with ReliaQuest GreyMatter
Find cyber threats that have evaded your defenses.
Security metrics to manage and improve security operations.
Breach and Attack Simulation
GreyMatter Verify is ReliaQuest’s automated breach and attack simulation capability.
Digital Risk Protection
Continuous monitoring of open, deep, and dark web sources to identify threats.
GreyMatter Phishing Analyzer removes the abuse mailbox management by automating the DIR process for you.
The GreyMatter cloud-native Open XDR platform integrates with a fast-growing number of market-leading technologies.
Unify and Optimize Your Security Operations
ReliaQuest GreyMatter is a security operations platform built on an open XDR architecture and designed to help security teams increase visibility, reduce complexity, and manage risk across their security tools, including on-premises, clouds, networks, and endpoints.
Brands of the world trust ReliaQuest to achieve their security goals.
Learn how to achieve your security outcomes faster with ReliaQuest GreyMatter.
The latest security trends and perspectives to help inform your security operations.
Industry Guides and Reports
The latest security research and industry reports.
Catch up on the latest cybersecurity podcasts, and mindset moments from our very own mental performance coaches.
A deep dive on how ReliaQuest GreyMatter addresses security challenges.
The latest white papers focused on security operations strategy, technology & insight.
Current and future SOC trends presented by our security experts.
Events & Webinars
Explore all upcoming company events, in-person and on-demand webinars
From prevention techniques to emerging security trends, our comprehensive library can arm you with the tools you need to improve your security posture.
Get the latest threat analysis from the ReliaQuest Threat Research Team. ReliaQuest ShadowTalk Weekly podcast featuring discussions on the latest cybersecurity news and threat research.
ReliaQuest's ShadowTalk is a weekly podcast featuring discussions on the latest cybersecurity news and threat research. ShadowTalk's hosts come from threat intelligence, threat hunting, security research, and leadership backgrounds providing practical perspectives on the week's top cybersecurity stories.
February 20, 2024
We bring our best attitude, energy and effort to everything we do, every day, to make security possible.
Security is a team sport.
No Show Dogs Podcast
Mental Performance Coaches Derin McMains and Dr. Nicole Detling interview world-class performers across multiple industries.
Make It Possible
Make It Possible reflects our focus on bringing cybersecurity awareness to our communities and enabling the next generation of cybersecurity professionals.
Join our world-class team.
Press and Media Coverage
ReliaQuest newsroom covering the latest press release and media coverage.
Become a Channel Partner
When you partner with ReliaQuest, you help deliver world-class cybersecurity solutions.
How can we help you?
A Mindset Like No Other in the Industry
Many companies tout their cultures; at ReliaQuest, we share a mindset. We focus on four values every day to make security possible: being accountable, helpful, adaptable, and focused. These values drive development of our platform, relationships with our customers and partners, and further the ReliaQuest promise of security confidence across our customers and our own teams.
The international reaction to the Russian invasion of Ukraine has manifested in a few distinct ways, as outlined in our previous reporting. This includes humanitarian efforts, wide-ranging sanctions, and businesses halting operations in Russia. Another notable response is the resurgence of hacktivism. A variety of hacktivist attacks have been conducted, with a significant number, unsurprisingly, coming from within Ukraine. This blog will dive into hacktivist activity we’ve observed in the past few weeks, and discuss what hacktivists are doing differently this time around.
Hacktivism is highly influenced by geopolitical and political conditions; it is not often a proactive ideology. This is why we see it mostly ebbing and flowing, with hacktivism often thought to be a downtrending attack vector since 2017. Pertinent events that cause global attention, as seen with the Russian invasion of Ukraine, are likely to galvanize hacktivists en masse. Hacktivism has historically taken the forms of denial-of-service, defacement attacks, and data-leaks. We’ve definitely seen all of these types of attacks in the last few weeks.
However, what’s notable is that in some cases, it is being organized centrally. On 26 Feb 2022, Ukraine’s Vice Prime Minister and Minister for Digital Transformation announced that Ukraine had created an “IT Army”, to combat Russian cyber-action. The group, openly available on Telegram as the IT Army of Ukraine, reportedly contains over 400,000 members. The group administrators are dictating orders, with the members carrying them out. Fedorov even stated that there will be “tasks for everyone”, indicating a willingness to bring as many volunteers on board as possible.
Notably, the IT Army of Ukraine has had some initial success; on 28 Feb 2022, the administrators proclaimed victory in taking down the Moscow Exchange’s website. The same occurred with the state-owned Sberbank, and several other targets, including the Russian powergrid. Before we move on to discuss the targets, it is important again to note that this was promoted by the Ukrainian government, in an unprecedented move of state-sanctioned hacktivism.
Crowdsourcing such operations is however not a novel technique, Anonymous has shown that for years, with the hacking collective having made a serious comeback in recent weeks. The advantage of a group such as Anonymous is its flexibility; because it does not have a serious centralized structure and chain of command, anyone can deface a Russian site and claim it in the name of Anonymous. Another novel technique we’ve seen has involved the use of mobile phones. A polish hacktivist collective named squad303 has developed a website that randomly selects from around 140 million Russian email addresses and 20 million phone numbers, and lets users circumvent Russian propaganda by sending information about the war in Ukraine directly to these phones and addresses. Although the impact of this is yet to be seen, it demonstrates ingenuity in getting around highly restrictive reporting laws in Russia.
There are, however, risks that come attached to hacktivist activity. DDoS and site defacement is illegal, and there is a chance for unintended consequences. Hacktivism could potentially play into the hands of Kremlin propaganda, that western aligned actors are disrupting Russians day-to-day lives, that they’re lying about Ukraine, and so on. Another unintended consequence could be that hacktivism further encourages the Kremlin to enact its “Sovereign Internet” law, a measure designed to cut off Russian internet from the rest of the world. Amid this risk is also the possibility that someone goes too far, and causes a level of disruption that causes a threat-to life. Russian authorities would likely associate this with a nation-state, thereby increasing the chances of miscalculation or escalation. Despite these risks, hacktivists will highly likely continue to combat Russia in the cyberspace. If you want to read more, our latest edition of What We’re Reading This Month also provides some valuable insights into hacktivism.
In summary, we’ve seen a significant increase in hacktivist operations since Russian forces crossed into Ukraine. Volume of activity has spiked, but we’re also observing novel approaches to organizing and attempting to circumvent obstacles. This will likely continue in the coming weeks and months as the war develops. If you want a deeper dive into hacktivism and ongoing events related to Russia and Ukraine, get a customized demo of Search Light (now ReliaQuest GreyMatter Digital Risk Protection).